Collaborate Disseminate
What are the best practices to prevent the abuse of Wildcard certificates?
Can measures like restricted access to the domain control panel that is used for creating new A records be useful to get the necessary protection?
Use of wildcard x509 certs is not considered generally a good practice in the security world.
However, lately, I am noticing solutions in cloud require wildcard certs. The logic the providers recommend is mainly the conven… Continue reading Clouds & Wildcard SSL Certs
Few of our web servers are managed by an outsourced partner who works as us in the same office, uses our laptops connected to our corp network, and has user accounts in our AD. They requested and applied wildcard certificates… Continue reading Internal CA issues wildcard certificate
This question already has an answer here:
How to send sensitive data through an email?
1 answer
I am working with a guy o… Continue reading Sharing a wildcard certificate [duplicate]
We recently setup a two tier internal certificate authority. We also disseminate Root CAs via Active Directory so certificates from our internal CA are automatically trusted by every (Windows) system in our network.
Our dev… Continue reading Security concerns issuing wildcard certificates to individual employees
Let’s Encrypt claims:
We do not offer Organization Validation (OV), Extended Validation (EV), or wildcard certificates, primarily because we cannot automate issuance for those types of certificates.
To be honest, I… d… Continue reading Why can’t Let’s Encrypt support wildcard certificates?
The time has come for us to renew and update our wildcard certificate. I’ve been tasked with researching the ways we can protect the private key without compromising the security of the certificate. (With the key and cert tog… Continue reading How to ensure wildcard certificate private key security?
The time has come for us to renew and update our wildcard certificate. I’ve been tasked with researching the ways we can protect the private key without compromising the security of the certificate. (With the key and cert tog… Continue reading How to ensure wildcard certificate private key security?
This question already has an answer here:
I know that you can’t use a SSL wildcard certificate for multiple subdomains.
e.g. If I have a certificate for *.example.com I can use it for domains like test.example.com but not for test.test.example.com.
Why is that? I don’t see a security reason why this was done.
If I’m the verified owner of example.com, why should connections to x.x.example.com be insecure?
Continue reading Why no SSL certificate with multiple subdomains [duplicate]
Probably a rather odd question, but something that came to mind.
Wildcard certificates are about 10 times more expensive than a single certificate. However with a single certificate, you can secure sub-domains like secure.example.com ect…. Continue reading Single Domain SSL Certificate vs Wildcard Certificate